Replies: 1 comment 1 reply
-
That does seem nonsensical. However, it is an issue with the Microsoft Graph project (different team, different repository) and not the Microsoft.Entra PowerShell module project. The best way to affect change would be to:
Thanks for noting; I hadn't seen this one yet! |
Beta Was this translation helpful? Give feedback.
-
|
Thanks I will do that! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
This is nonsense:
https://learn.microsoft.com/en-us/graph/api/group-delete-members?view=graph-rest-1.0&tabs=http
"If /$ref is not appended to the request and the calling app has permissions to manage the member object type, the member object will also be deleted from Microsoft Entra ID; otherwise, a 403 Forbidden error is returned. For example, an app with both GroupMember.ReadWrite.All and User.ReadWrite.All permissions will delete a user. You can restore specific objects through the Restore deleted items API."
When the fallback for having a wrongly escaped $ref is to DELETE THE ENTIRE USER FROM THE TENANT - that is awful and horrible design. If I am calling a delete operation for a user with a group endpoint there is NO POSSIBLE WAY IN ANY SCENARIO that I would want to delete the user entirely.
Absolute horrid design. what the H.
Beta Was this translation helpful? Give feedback.
All reactions